package com.example.oauth2demo.config;

import org.springframework.security.config.annotation.web.builders.HttpSecurity;

/**
 * 自定义 WebSecurityConfigurerAdapter
 * @author yangj
 */
public interface CustomWebSecurityConfigurer {
    /**
     * Override this method to configure the {@link HttpSecurity}. Typically subclasses
     * should not invoke this method by calling super as it may override their
     * configuration. The default configuration is:
     *
     * <pre>
     * http.authorizeRequests().anyRequest().authenticated().and().formLogin().and().httpBasic();
     * </pre>
     *
     * Any endpoint that requires defense against common vulnerabilities can be specified
     * here, including public ones. See {@link HttpSecurity#authorizeRequests} and the
     * `permitAll()` authorization rule for more details on public endpoints.
     * @param http the {@link HttpSecurity} to modify
     * @throws Exception if an error occurs
     */
    void configure(HttpSecurity http) throws Exception;
}
